The responsibility of banks ends with reporting suspicious activities to the recommended body.
Corruption is not new to this country. In fact, our economy continues to bleed as new and different scandals take centre stage every other day. We cannot downplay the negative effects corruption has had on our economy.
Worse still, our taxes keep rising and this could unfortunately mean that we may continue to give muscle to the vice.
The current National Youth Service (NYS) scandal has put banks on the spot yet again. Our blogosphere is awash with allegations that our financial institutions continue to abet the looting of our country.
The question being asked is: Why didn’t the banks stop transactions in which it was clear that daylight robbery was going on? Are the banks that handled the looted NYS money culpable? Where do their obligations begin and end?
In a laudable self-regulatory move by the Kenya Bankers Association (KBA), various approval thresholds for cash transactions above Sh10 million are now required to be applied by banks.
For instance, customers planning to withdraw or deposit Sh10 million and above in cash should give a three-day notice and get clearance from branch managers. This is a clear commitment by the banks to preserve the integrity of the banking industry.
But is it enough?
Corruption offences are predicate crimes to money laundering. A predicate crime is an underlying serious offence that results in illicit proceeds that are then laundered or cleaned. Under the Proceeds of Crime and Money Laundering Act, 2009, banks are legally mandated to report suspicious activities and transactions.
Others with similar obligations include insurance and money transfer firms, NGOs and other entities categorised as Designated Non-Financial Businesses. These suspicious activity reports are to be submitted to the Financial Reporting Centre (FRC), an independent agency established under the Act.
Most large banks have sophisticated systems that flag suspicious activities. The obligation to report these activities is placed on the Money Laundering Reporting Officer (MLRO) of the bank. Under the Act, the legal responsibility of banks ends with reporting suspicious activities to the FRC.
The Act does not place any requirement on banks to follow up with FRC regarding whether any action was taken or not. In this light, what FRC does or doesn’t do with the information reported is not the bank’s responsibility.
Some banks have however taken further steps such as discontinuing customer relations based on the number of suspicious activity reports filed about a client.
Since beginning operations in 2012, the FRC has been developing its capacity beginning with the recruitment of qualified personnel. It however still has some long way to go before it can reach optimal staffing levels.
In order to understand how grim things are at the FRC, it is worth noting that the CBK houses the FRC, and that most of its employees are seconded from the Central Bank of Kenya (CBK). However, under the Act, the CBK itself has reporting obligations to the FRC.
Secondly, reporting institutions which are varied in nature submit reports to the FRC. Among the reports the FRC receives are cash transactions, suspicious transactions, annual compliance reports etc.
Due to the absence of an automated system, the FRC manually sorts through the information and forwards these to law enforcement agencies. The fact that the agency is currently under-staffed in addition to lacking automated systems and processes could be an indicator that information submitted by banks could have been lost in the large number of submissions or not acted upon.
The 2018 budget however offers a glimmer of hope to this as Sh587 million has been allocated to the agency. Hopefully, these funds will be a good starting point towards the agency’s resourcing as well as the streamlining and improvement of the efficiency of reporting processes.
But still, are we saying that all a bank should do is report suspicious activity to the FRC? First, investigations into money laundering crimes are not the responsibility of banks. However there exists a delicate balance here since the Act establishes the offence of dealing in laundered money, of which the proceeds of corruption are a type.
Regulators around the world expect banks to have various lines of defence that would reduce their exposure to criminal and illicit funds to a reasonable level.
As the NYS scandal continues to unfold, it would be interesting to see how events unravel where our banks are involved especially given the high media profile this case has attracted.
For instance, it would be questionable for a bank to continue to hold customer relationships with a suspicious client if all or most of that client’s activity is suspect. That said, should banks be blamed for not stopping suspicious transactions?
Not entirely, because a bank’s responsibility is to its client. Banks may run the risk of exposure to unnecessary legal suits for taking unilateral action such as withholding clients’ funds or declining to effect transactions on suspicion of its illicit nature. Essentially, banks require court orders to freeze bank accounts, and therefore have little scope to take immediate action should suspicious activity occur.
So how can banks protect themselves? Under POCAMLA, a bank may raise as a defence the fact that it had reported the suspicious transaction under the terms set out in the Act. The UK legal and regulatory environment has what may be a better approach that addresses the legal nightmare for banks in trying to balance between their responsibilities under the law and their responsibilities to their clients. Banks in the UK are permitted to submit a request for a Defence against Money Laundering (DAML). How this works is that where a bank has reasons to believe that the transactions relate to illegal activities, they could still continue with the transaction but only after obtaining consent from their FRC equivalent to carry out the transaction. This DAML then provides a buffer against dealing in illicit proceeds where there was inaction by the intelligence unit and relevant enforcement agencies. Obtaining consent does not necessarily release a reporting entity from discharging its regulatory obligations. Perhaps a similar provision in POCAMLA should be considered by regulators.
GRACE MUHIA, Certified Anti-Money Laundering Specialist and Forensics Senior Associate at PwC Kenya.